package com.jyu.apts.controller;

import java.util.ArrayList;
import java.util.List;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.annotation.RequiresAuthentication;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import com.jyu.apts.dto.PermissionDto;
import com.jyu.apts.dto.ResultDto;
import com.jyu.apts.dto.UserDto;
import com.jyu.apts.entity.Permission;
import com.jyu.apts.entity.Role;
import com.jyu.apts.entity.User;
import com.jyu.apts.service.PermissionService;
import com.jyu.apts.service.UserService;

@RestController
public class PermissionController {
	@Autowired
	private UserService userService;

	@Autowired
	private PermissionService permissionService;
	
	@RequiresPermissions("role_permission_html")
	@RequestMapping("/getAllPermission")
	public List<PermissionDto> getAllPermission() {
		List<PermissionDto> permissionDtos = new ArrayList<PermissionDto>();
		List<Permission> permissions = permissionService.findAll();
		for(Permission permission : permissions) {
			permissionDtos.add(new PermissionDto().convert(permission));
		}
		return permissionDtos;
	}
	
	@RequiresAuthentication
	@RequestMapping("/getPermission")
	public List<PermissionDto> getPermission() {
		UserDto userDto = (UserDto) SecurityUtils.getSubject().getSession().getAttribute("userDto");
		User user = userService.findByUsername(userDto.getUsername());
		
		List<PermissionDto> permissionDtos = new ArrayList<PermissionDto>();
		List<Permission> permissions = new ArrayList<Permission>();
		Role role = user.getRole();

		List<Permission> role_perms = role.getPermissions();
		if (role_perms != null)
			for (Permission permission : role_perms)
				if (!permissions.contains(permission)) {
					permissions.add(permission);
					PermissionDto permDto = new PermissionDto();
					permDto = permDto.convert(permission);
					permissionDtos.add(permDto);
				}
		return permissionDtos;
	}
	
	@RequiresPermissions("role_permission_html")
	@RequestMapping("/addPermission")
	public ResultDto addPermission(Permission permission) {
		if(permission.getStringPermission()==null || permission.getStringPermission().trim().length()==0) {
			return new ResultDto("权限字段不能为空",null,2);
		}
		permission.setParent(false);
		if(permission.getPid()!=null) {
			Permission parentPerm = permissionService.getOne(permission.getPid());
			parentPerm.setParent(true);
			permissionService.save(parentPerm);
		}
		permissionService.save(permission);
		return new ResultDto("添加成功",null,0);
	}
	
	@RequiresPermissions("role_permission_html")
	@RequestMapping("/upPermission")
	public ResultDto upPermission(Permission permission) {
		if(permission.getStringPermission()==null || permission.getStringPermission().trim().length()==0) {
			return new ResultDto("权限字段不能为空",null,2);
		}
		permissionService.save(permission);
		return new ResultDto("更新成功",null,0);
	}
	
	@RequiresPermissions("role_permission_html")
	@RequestMapping("/delPermission")
	public ResultDto delPermission(String ids) {
		String[] idArray = ids.split(",");
		List<Permission> permissions = new ArrayList<Permission>();
		for(String id : idArray) {
			Permission permission = new Permission();
			permission.setId(new Long(id));
			permissions.add(permission);
		}
		permissionService.delete(permissions);
		return new ResultDto("删除成功",null,0);
	}
	
}
